|usage, testing, cipher details, attacks, notes|
Ciphers can encrypt and decrypt information such that persons who do not know the password (the decryption key) can not read it. The implemented ciphers are strong enough to protect important information such as your passwords and PIN numbers.
Figure 1 shows how the program looks like on a PDA (Pocket PC). You can try-out the program directly in figure 1 or in a full size window by clicking on 'implementation'. With most browsers, you can download the implementation by right-clicking on 'implementation' and selecting the appropriate action.
|Figure 1: The encryption program.|
The program includes an example on how to use it. To see this example, switch to the category 'Examples' using the selector in the bottom-left corner. If you subsequently switch to the 'Edit' mode, using the selector in the bottom-right corner, you can edit this example and add your own text.
Category 'Examples' includes three embedded figures. Depending on the capabilities of your browser however, some of these figures might not be shown. Two of the three embedded figures in the example are specified using Base64 data. To get this Base64 data, you can use any Base64 conversion tool (example).
In category 'All', mode 'Edit', you can add and remove categories. For example, in case you want to remove the category named 'Main', first switch to the delete action by clicking on the button in bottom-middle until it shows a 'D'. Then click on the 'D' button in front of category 'Main'.
To encrypt your text, switch to the mode 'Save' using the selector in the bottom-right corner. Enter a password and click on the button 'Encrypt&Save'. Retype your password for verification purposes and click on the button 'Encrypt&Save' again. In Internet Explorer, you'll get a file dialog box. In other Browsers: save the top frame as an HTML file by right-clicking on it and selecting the appropriate action.
Alternatively, you can decrypt text directly, without using a file. For example, to decrypt:
F3gM7OvJSrWEalo6mpqMkWX/r4oxAtbGi7TyuZQGgV5 uKjfa/sF84pxwEDE4WGSHhB/RbbyTx708zxs0I+fk7e LRQpi+9Q96wjDeKjjfcjMax01RX3H58r0GYL8VeHXd
switch to the mode 'Load', copy the Base64 code above and paste it into the box marked with 'code'. Then select the AESc cipher, type as key 'very1very2secret' and press the 'deCrypt' button.
It is possible to use the keyboard instead of the mouse. In most cases, the access key is the first capitalised letter of the button or option. For example, switching between the table actions Add, Interchange and Delete is done by pressing 'Alt-A', 'Alt-I' and 'Alt-D' respectively. Pressing the 'Alt'-key together with a ',' or '.' scrolls through the list of categories.
|Figure 2: View of the program.|
If you want to test the implementation, put the program in the 'Load' mode and type testCode.html (or the full URL: in the input field marked with 'file'. Subsequently, click on the 'deCrypt'-button; keys are not needed. In case you used figure 1 to load 'testCode.html', figure 1 should now look exactly like figure 2.
It is possible to test the implemented ciphers as well as the UTF-8 and Base64 transformations. In case of encryption, the program uses UTF-8 to transform Unicode characters into bytes and Base64 to transform bytes into printable characters. In case of decryption, the program executes the transformations in the inverse direction.
Several predefined tests are included. For more tests, see e.g. the AES Known Answer Tests, the Serpent Known Answer Tests and the Twofish Known Answer Tests (files ecb_iv.txt, ecb_tbl.txt, ecb_vk.txt and ecb_vt.txt).
RC4, AES, Serpent, Twofish, Caesar and Swap are symmetric ciphers. The encryption key and the decryption key are the same.
The RC4a cipher modifies the RC4 cipher to circumvent its weaknesses. Firstly, RC4a adds a timestamp to the key to prevent the same key from being used twice. Secondly, RC4a drops the first 256 bytes of the RC4 pseudo-random number generator.
The program implements both the Electronic Codebook (ECB) mode as well as the Cipher Block Chaining (CBC) mode of the AES, Serpent and Twofish ciphers. The ECB variants of these ciphers have as acronym AESe, SRPe and TFSe respectively. The CBC variants have as acronym AESc, SRPc and TFSc.
Caesar (CSR) is an encryption scheme that simply adds the provided key to the plain text in a round-robin fashion. It needs a very long key to be secure. The Roman emperor August used the first 100(!) lines of Ilias as the key.
Swap (SWP) is an encryption scheme that swaps the input characters. The intention of Swap is to be used in between other ciphers in order to prevent modular behaviour. For example: when used in between an AES encryption step and an Serpent encryption step, it makes sure that these two steps don't work both on the same 16 byte blocks. In case a key is provided, Swap does a Caesar-like encryption with this key.
RSA is an asymmetric cipher. It uses a pair of keys, one private key and one public key. Text encrypted with one key can only be decrypted with the other key. This asymmetric behaviour can be used both for security and for authentication purposes:
It is possible to combine these two functions: first encrypt the message with your private key, and then encrypt the message with the public key of the intended receiver.
The program includes a tool to generate a pair of RSA keys (in mode 'tool'). Be aware that, when you are not using Java, the complexity of the algorithm is O(n4), in which n is the number of bits in the key. I.e. given the time needed to find a key of n bits, it takes about 16 times longer to find a key of 2*n bits; 81 times longer to find a key of 3*n bits; etcetera.
AES, Serpent, Twofish and RSA are block ciphers. Padding bytes (0x00) are included at the end of the input to fill up the last block. With the 'lenInd'-option (length indication), each block cipher will ensure that the original text is restored, removing the appended padding bytes.
Without the 'lenInd'-option, block ciphers will simply remove all trailing 0x00 bytes. In specific cases (when the output of one cipher is input to another cipher) a 0x00 byte at the end of the decrypted text of the first cipher may not be the result of padding, but may actually be part of the encrypted text of the second cipher. In such cases, the chance on failing decryption is therefore 1:256.
Current computers are capable to search an enormous key-space (brute force attack). For this reason, the encryption keys must have a reasonable length. In table 1, you can find the time spent by current computers to do a brute force search on the complete keyspace. Note that Base64 characters are used for the key, i.e. 6 bits per character.
|Key length||Time to search the keyspace|
|Symmetric (RC4/AES/SRP/TFS)||Asymmetric (RSA)||High-end computer||University network||Military|
|40 bits, 7 chars||274 bits, 46 chars||weeks||hours||microseconds|
|64 bits, 11 chars||512 bits, 86 chars||millennia||decades||minutes|
|80 bits, 14 chars||1024 bits, 171 chars||infinite||infinite||centuries|
|128 bits, 22 chars||3072 bits, 512 chars||infinite||infinite||millennia|
The files that are read and written by the program are easily recognisable as containing encrypted data. If you want an extra level of protection, store the encrypted data in a less obvious place. For example, with Mozilla Thunderbird, save an email with attachment in .eml format. Then simply replace the (Base64 encoded attachment) with the result of the encryption.
'Standards compliant' option in mode 'tool': Internet Explorer seems unable to do full-screen text editing using standard HTML. At least, I did not find a standards compliant alternative for absolute positioning of the <TEXTAREA>-element that does work as expected in Mozilla and Netscape.
Losing changes: The program can confirm, upon exit, if you really want to lose changes you have made. If you accidentally forgot to save your changes, the program is reloaded so you can save your text. For this functionality to work, you need to disable pop-up blocking in your browser.
Open source: "In the cryptography world, we consider open source necessary for good security; we have for decades. Public security is always more secure than proprietary security. It's true for cryptographic algorithms, security protocols, and security source code. For us, open source isn't just a business model; it's smart engineering practice." (Bruce Schneier, Crypto-Gram 1999/09/15)
|Internet Explorer||5.5, 6.0||-||-||-|
|Michiel van Everdingen (Email)|
|October 2005 History|
AwABAAG3QtPK24NEAdxICvMPI8wn9p8a6aGWs5HG yQBf2071gNzmPtMd7mlAa6qqHu0/Gs2mZ1mqwNKT JVRtkMggamTTWeXbnlELQecCjitedNDwBVHpeJVL Ce+yz1E3qJt2ChOO/d/oFZwae5hJbafrQSg+J/Ie RXh6vLbpCqcECcnOCR5yOB5EG9fqwkdu6fBJzXJT G+2BIof22WddhXsogF0iLJLp0VfIg5rvRNDFWbtA qIepIhg/dHYx2fpU5KhZ5Vxx50XKdsPPdkp/giE1 cYrTBbJRGR7In2uJoquHIBiSf7ORKb41iAqAwruu rbey+X7ySqkvjIneXiS/